package com.translate.web.config.interceptor;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.common.conf.CrossDomainConfig;
import com.common.util.GetPlatformByRequest;

/**
 * 跨域请求
 * 
 * @author 111
 */
@Component
public class CrossDomainRequestInterceptor extends HandlerInterceptorAdapter {

	private CrossDomainConfig config;

	@Resource
	public void setConfig(CrossDomainConfig config) {
		this.config = config;
	}

	/**
	 * # 允许请求地址跨域 * 做为通配符 add_header Access-Control-Allow-Origin *; # 允许跨域的请求方法
	 * add_header Access-Control-Allow-Methods 'GET,POST,options'; # 请求头 add_header
	 * Access-Control-Allow-Headers
	 * 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
	 * 
	 * 
	 */
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {

		String[] domains = config.getDomain();

		String originHeader = request.getHeader("Origin");

		String url = request.getRequestURL().toString();

		if (-1 != url.indexOf("/api/wx/callback")) {
			return this.setHeader(request, response, originHeader);
		}

		if (GetPlatformByRequest.isMobileDevice(request.getHeader("user-agent"))) {
			return this.setHeader(request, response, originHeader);
		}

//		String url = request.getRequestURL().toString();

		if (-1 != url.indexOf("/admin/payNotice/alipayNotice")) {
			return this.setHeader(request, response, "https://openapi.alipay.com");
		}

		if (null == originHeader) {
			return false;
		}

		originHeader = originHeader.trim();

		boolean b = false;

		for (int i = 0; i < domains.length; i++) {

			if (domains[i].equals(originHeader)) {

				b = true;
				break;
			}
		}

		if (!b) {
			return false;
		}

		return this.setHeader(request, response, originHeader);

	}

	private boolean setHeader(HttpServletRequest request, HttpServletResponse response, String originHeader) {

		response.setHeader("Access-Control-Allow-Origin", originHeader);

		response.setHeader("Access-Control-Allow-Credentials", "true");
		response.setHeader("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PATCH, DELETE, PUT");
		response.setHeader("Access-Control-Max-Age", "3600");
		response.setHeader("Content-Type", "application/json");
		// DNT,X-Mx-ReqToken
		response.setHeader("Access-Control-Allow-Headers",
				"Origin, storeType, X-Requested-With, Content-Type, Accept,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Token,Authorization");
//		response.setHeader("Access-Control-Allow-Headers", "*");

		// 如果是OPTIONS则结束请求
		if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
			response.setStatus(HttpStatus.NO_CONTENT.value());
			return false;
		}

		return true;
	}
}
